I code signed a dmg file and had it uploaded to google cloud storage. The file is not deemed as threatening in my Mac but in other Macs chrome browser blocks the download of the file regarding it as a malware. Upon trying to install the dmg in any Mac other than the one used to code sign it, Gatekeeper blocks the installation. Unsigned version of the dmg works just fine and is not regarded as malware neither by chrome or Gatekeeper. I'm pretty noob in this regard. I could not find out any reason behind it.
I followed this SO question to code sign the dmg. When I inspected it with the following command -
spctl -a -t open --context context:primary-signature -v path/to/dmg
Ouput of the above command is -
path/to/dmg: accepted
source=Developer ID